xntpd sendto (possible hack?)
Lovell Mcilwain
lovell.mcilwain at gmail.com
Thu Sep 8 13:56:26 UTC 2005
Paul Howarth wrote:
> Lovell Mcilwain wrote:
>
>> Hello all,
>>
>> I just installed a logwatch on my machine and ran it for the first
>> time just a few minutes ago. It showed me something very interesting
>> and it was the only thing in the logwatch log. Just a bunch of the
>> same entries. The IP address varied but most of them looked like
>> invalid arguments except for about 3 of them that didn't. See below:
>>
>> --------------------- XNTPD Begin ------------------------
>> **Unmatched Entries**
>> .....
>> sendto(80.190.233.67): Invalid argument
>> synchronized to 80.190.233.67, stratum 2
>> synchronized to 80.33.117.152, stratum 3
>> sendto(80.190.233.67): Invalid argument
>> .....
>> ---------------------- XNTPD End -----------------------
>>
>> Does anyone know what this means or can this possibly mean that my
>> system has been hacked?
>
>
> These entries mean that some of the ntp servers you're using (probably
> results returned from lookups of pool.ntp.org) aren't responding
> reliably. This is not unusual and may be a result of issues with your
> own network link.
>
> Paul.
>
I did check my preferences for my time server and found that I didn't
have a time server specified even though I had ntp enabled. I guess my
other question is, if I don't manually specify one, does it choose from
any of the other ones as a default? I noticed in my ntp.conf file there
a bunch of time servers listed. But does it restrict itself to the #
--- OUR TIMESERVERS ----- section?
More information about the fedora-list
mailing list